Patents by Inventor Eli Boling
Eli Boling has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20260161634Abstract: Systems and methods for updating metadata. In some embodiments, in response to detecting an instruction executed by a hardware system, a source location of the instruction may be identified. First metadata associated with the instruction may be used to determine whether the instruction is allowed. In response to determining that the instruction is allowed, the source location of the instruction may be associated with second metadata.Type: ApplicationFiled: December 11, 2025Publication date: June 11, 2026Applicant: DOVER MICROSYSTEMS, INC.Inventors: Eli BOLING, Steven MILBURN, Gregory T. SULLIVAN, Andrew SUTHERLAND
-
Patent number: 12645798Abstract: Systems and methods for on-demand loading of metadata. In some embodiments, in response to receiving a page fault service request from an operating system kernel, at least one first physical page may be allocated in an application memory for a virtual address indicated in the page fault service request. Metadata may be loaded into at least one second physical page in a metadata memory, wherein: the at least one second physical page in the metadata memory corresponds to the at least one first physical page in the application memory; and the metadata loaded into the at least one second physical page corresponds to application data loaded into the at least one first physical page.Type: GrantFiled: September 2, 2022Date of Patent: June 2, 2026Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn
-
Patent number: 12524394Abstract: Systems and methods for updating metadata. In some embodiments, in response to detecting an instruction executed by a hardware system, a source location of the instruction may be identified. First metadata associated with the instruction may be used to determine whether the instruction is allowed. In response to determining that the instruction is allowed, the source location of the instruction may be associated with second metadata.Type: GrantFiled: July 19, 2024Date of Patent: January 13, 2026Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland
-
Publication number: 20250390572Abstract: Systems and methods for metadata processing. In some embodiments, one or more metadata inputs may be processed to determine whether to allow an instruction. For instance, one or more classification bits may be identified from a metadata input of the one or more metadata inputs, and the metadata input may be processed based on the one or more classification bits.Type: ApplicationFiled: June 3, 2025Publication date: December 25, 2025Applicant: DOVER MICROSYSTEMS, INC.Inventors: Andrew SUTHERLAND, Steven MILBURN, Gregory T. SULLIVAN, Eli BOLING
-
Publication number: 20250278362Abstract: Presented herein are systems and methods for configuring devices with write operations. One or more processors can identify a first sequence of write operations to configure a device. Each write operation in the first sequence of write operations can identify a set of a value and an address to which to write the value. The one or more processors can determine one or more distances between a set of the value and the address of a write operation and at least one other set of the value and the address of one or more other write operations in the first sequence of write operations. The one or more processors can generate a second sequence of write operations based at least on the one or more distances. The one or more processors can cause the device to be configured using the second sequence of write operations.Type: ApplicationFiled: May 19, 2025Publication date: September 4, 2025Applicant: The Charles Stark Draper Laboratory, Inc.Inventor: Eli Boling
-
Patent number: 12393677Abstract: Systems and methods for metadata processing. In some embodiments, one or more metadata inputs may be processed to determine whether to allow an instruction. For instance, one or more classification bits may be identified from a metadata input of the one or more metadata inputs, and the metadata input may be processed based on the one or more classification bits.Type: GrantFiled: January 15, 2020Date of Patent: August 19, 2025Assignee: Dover Microsystems, Inc.Inventors: Andrew Sutherland, Steven Milburn, Gregory T. Sullivan, Eli Boling
-
Publication number: 20250208997Abstract: Presented herein are systems and methods for configuring devices with write operations. One or more processors can identify a first sequence of write operations to configure a device. Each write operation in the first sequence of write operations can identify a set of a value and an address to which to write the value. The one or more processors can determine one or more distances between a set of the value and the address of a write operation and at least one other set of the value and the address of one or more other write operations in the first sequence of write operations. The one or more processors can generate a second sequence of write operations based at least on the one or more distances. The one or more processors can cause the device to be configured using the second sequence of write operations.Type: ApplicationFiled: December 20, 2023Publication date: June 26, 2025Applicant: The Charles Stark Draper Laboratory, Inc.Inventor: Eli Boling
-
Patent number: 12339772Abstract: Presented herein are systems and methods for configuring devices with write operations. One or more processors can identify a first sequence of write operations to configure a device. Each write operation in the first sequence of write operations can identify a set of a value and an address to which to write the value. The one or more processors can determine one or more distances between a set of the value and the address of a write operation and at least one other set of the value and the address of one or more other write operations in the first sequence of write operations. The one or more processors can generate a second sequence of write operations based at least on the one or more distances. The one or more processors can cause the device to be configured using the second sequence of write operations.Type: GrantFiled: December 20, 2023Date of Patent: June 24, 2025Inventor: Eli Boling
-
Publication number: 20250086162Abstract: Systems and methods for updating metadata. In some embodiments, in response to detecting an instruction executed by a hardware system, a source location of the instruction may be identified. First metadata associated with the instruction may be used to determine whether the instruction is allowed. In response to determining that the instruction is allowed, the source location of the instruction may be associated with second metadata.Type: ApplicationFiled: July 19, 2024Publication date: March 13, 2025Applicant: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland
-
Patent number: 12248564Abstract: According to at least one aspect, a hardware system include a host processor, a policy engine, and an interlock is provided. These components can interoperate to enforce security policies. The host processor can execute an instruction and provide instruction information to the policy engine and the result of the executed instruction to the interlock. The policy engine can determine whether the executed instruction is allowable according to one or more security policies using the instruction information. The interlock can buffer the result of the executed instruction until an indication is received from the policy engine that the instruction was allowable. The interlock can then release the result of the executed instruction. The policy engine can be configured to transform instructions received from the host processor or add inserted instructions to the policy evaluation pipeline to increase the flexibility of the policy engine and enable enforcement of the security policies.Type: GrantFiled: April 2, 2024Date of Patent: March 11, 2025Assignee: Dover Microsystems, Inc.Inventors: Steven Milburn, Eli Boling
-
Patent number: 12242575Abstract: A system including at least one processor programmed to identify, based on a policy to be enforced, one or more metadata symbols corresponding to an entity name; identify, from a target description describing a target system, an entity description matching the entity name, wherein the entity description describes an entity of the target system; and apply a metadata label to the entity of the target system, wherein the metadata label is based on the one or more metadata symbols corresponding to the entity name, as identified based on the policy.Type: GrantFiled: July 7, 2023Date of Patent: March 4, 2025Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland
-
Publication number: 20250045056Abstract: A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.Type: ApplicationFiled: October 23, 2024Publication date: February 6, 2025Inventors: Steve E. Milburn, Eli Boling, Andre' DeHon, Andrew B. Sutherland, Gregory T. Sullivan
-
Patent number: 12159143Abstract: A system and method of processing instructions may comprise an application processing domain (APD) and a metadata processing domain (MTD). The APD may comprise an application processor executing instructions and providing related information to the MTD. The MTD may comprise a tag processing unit (TPU) having a cache of policy-based rules enforced by the MTD. The TPU may determine, based on policies being enforced and metadata tags and operands associated with the instructions, that the instructions are allowed to execute (i.e., are valid). The TPU may write, if the instructions are valid, the metadata tags to a queue. The queue may (i) receive operation output information from the application processing domain, (ii) receive, from the TPU, the metadata tags, (iii) output, responsive to receiving the metadata tags, resulting information indicative of the operation output information and the metadata tags; and (iv) permit the resulting information to be written to memory.Type: GrantFiled: July 21, 2023Date of Patent: December 3, 2024Assignee: The Charles Stark Draper LaboratoryInventors: Steve E. Milburn, Eli Boling, Andre DeHon, Andrew B. Sutherland, Gregory T. Sullivan
-
Publication number: 20240394362Abstract: According to at least one aspect, a hardware system include a host processor, a policy engine, and an interlock is provided. These components can interoperate to enforce security policies. The host processor can execute an instruction and provide instruction information to the policy engine and the result of the executed instruction to the interlock. The policy engine can determine whether the executed instruction is allowable according to one or more security policies using the instruction information. The interlock can buffer the result of the executed instruction until an indication is received from the policy engine that the instruction was allowable. The interlock can then release the result of the executed instruction. The policy engine can be configured to transform instructions received from the host processor or add inserted instructions to the policy evaluation pipeline to increase the flexibility of the policy engine and enable enforcement of the security policies.Type: ApplicationFiled: April 2, 2024Publication date: November 28, 2024Applicant: Dover Microsystems, Inc.Inventors: Steven Milburn, Eli Boling
-
Publication number: 20240354412Abstract: Systems and methods for on-demand loading of metadata. In some embodiments, in response to receiving a page fault service request from an operating system kernel, at least one first physical page may be allocated in an application memory for a virtual address indicated in the page fault service request. Metadata may be loaded into at least one second physical page in a metadata memory, wherein: the at least one second physical page in the metadata memory corresponds to the at least one first physical page in the application memory; and the metadata loaded into the at least one second physical page corresponds to application data loaded into the at least one first physical page.Type: ApplicationFiled: September 2, 2022Publication date: October 24, 2024Applicant: DOVER MICROSYSTEMS, INC.Inventors: Eli Boling, Steven Milburn
-
Patent number: 12124576Abstract: Systems and methods for violation processing. In some embodiments, in response to detecting a policy violation, tag processing hardware may enter a violation processing mode, and may cause a host processor to begin executing violation processing code. The tag processing hardware may continue checking one or more instructions in an instruction queue. In response to encountering, in the instruction queue, an instruction of the violation processing code, the tag processing hardware may exit the violation processing mode.Type: GrantFiled: December 23, 2021Date of Patent: October 22, 2024Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn
-
Patent number: 12124566Abstract: Systems and methods for metadata processing. In some embodiments, a target address may be received from a host processor. The target address may be used to access mapping information and decoding information, the mapping information and the decoding information being associated with the target address. The mapping information may be used to map the target address to a metadata address. The metadata address may be used to retrieve metadata, and the decoding information may be used to decode the retrieved metadata.Type: GrantFiled: November 11, 2019Date of Patent: October 22, 2024Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland
-
Patent number: 12079197Abstract: Systems and methods for updating metadata. In some embodiments, in response to detecting an instruction executed by a hardware system, a source location of the instruction may be identified. First metadata associated with the instruction may be used to determine whether the instruction is allowed. In response to determining that the instruction is allowed, the source location of the instruction may be associated with second metadata.Type: GrantFiled: October 16, 2020Date of Patent: September 3, 2024Assignee: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland
-
Patent number: 11977613Abstract: A system including at least one processor programmed to translate a policy into policy code, wherein: the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; and the policy includes a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced.Type: GrantFiled: April 13, 2022Date of Patent: May 7, 2024Assignees: Dover Microsystems, Inc., The Charles Stark Draper Laboratory, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland, Christopher J. Casinghino
-
Publication number: 20240045932Abstract: A system including at least one processor programmed to identify, based on a policy to be enforced, one or more metadata symbols corresponding to an entity name; identify, from a target description describing a target system, an entity description matching the entity name, wherein the entity description describes an entity of the target system; and apply a metadata label to the entity of the target system, wherein the metadata label is based on the one or more metadata symbols corresponding to the entity name, as identified based on the policy.Type: ApplicationFiled: July 7, 2023Publication date: February 8, 2024Applicant: Dover Microsystems, Inc.Inventors: Eli Boling, Steven Milburn, Gregory T. Sullivan, Andrew Sutherland